mod_tls: Only negotiate TLS on outgoing s2s connections if we have an SSL context (thanks Flo...)

Tue, 16 Feb 2010 17:15:43 +0000

author
Matthew Wild <mwild1@gmail.com>
date
Tue, 16 Feb 2010 17:15:43 +0000
changeset 2654
07a6f5f9d4be
parent 2652
cbc58fc170ad
child 2655
42a6e4d09b09
child 2656
9fab59009397

mod_tls: Only negotiate TLS on outgoing s2s connections if we have an SSL context (thanks Flo...)

--- a/plugins/mod_tls.lua	Tue Feb 16 15:05:18 2010 +0000
+++ b/plugins/mod_tls.lua	Tue Feb 16 17:15:43 2010 +0000
@@ -29,6 +29,8 @@
 		return session.conn.starttls and host.ssl_ctx_in;
 	elseif session.type == "s2sin_unauthed" then
 		return session.conn.starttls and host.ssl_ctx_in;
+	elseif session.direction == "outgoing" then
+		return session.conn.starttls and host.ssl_ctx;
 	end
 	return false;
 end
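Review bot: The added branch selects on `session.direction`, while the two branches above it select on `session.type`, and it returns `host.ssl_ctx` where they return `host.ssl_ctx_in`; nothing in the hunk explains either difference. A one-line comment above the new `elseif` would help, for example `-- outgoing s2s: use ssl_ctx (not ssl_ctx_in), and only if one was configured`, if that is the intent. Because the type checks come first, an outgoing session whose type matched an earlier branch would be judged against `ssl_ctx_in`; this is presumably impossible but worth confirming. The start of `can_do_tls` and the definition of `host` lie outside the hunk.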
@@ -69,7 +71,7 @@
 -- For s2sout connections, start TLS if we can
 module:hook_stanza("http://etherx.jabber.org/streams", "features", function (session, stanza)
 	module:log("debug", "Received features element");
-	if session.conn.starttls and stanza:child_with_ns(xmlns_starttls) then
+	if can_do_tls(session) and stanza:child_with_ns(xmlns_starttls) then
 		module:log("%s is offering TLS, taking up the offer...", session.to_host);
 		session.sends2s("<starttls xmlns='"..xmlns_starttls.."'/>");
 		return true;
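Review bot: When the peer's features include `starttls` but `can_do_tls(session)` is false, the changed condition simply fails, and as far as this hunk shows nothing records that the outgoing s2s stream will continue without encryption. An operator whose host has no SSL context would want that visible, so consider logging in that case, for example `module:log("warn", "No SSL context available, continuing to %s without TLS", session.to_host);`. Separately, the unchanged `module:log("%s is offering TLS, taking up the offer...", session.to_host);` appears to omit the level argument that the `module:log("debug", ...)` call two lines earlier passes first. The hook function's body continues past the end of the hunk.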
